package com.cci.kangdao.filter;

import javax.servlet.*;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import java.io.IOException;

/**
 * @author William Du
 * @date 2020/1/9
 */
public class HeaderFilter implements Filter {

    public void destroy() {
    }

    public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain)
            throws IOException, ServletException {
        HttpServletRequest request = (HttpServletRequest)req;
        HttpServletResponse response = (HttpServletResponse) res;
        String originHeader = request.getHeader("Origin");
        response.setHeader("Access-Control-Allow-Origin", "*");
        response.setHeader("Access-Control-Allow-Methods", "POST, GET, OPTIONS");
        response.setHeader("Access-Control-Allow-Headers", "Origin, No-Cache, X-Requested-With, Accept, Cache-Control, Content-Type, userid, Authorization, source, userData,companyId,type,outSideId,token");
        response.setHeader("Access-Control-Allow-Credentials", "true");
        HttpSession session = request.getSession();
        response.setHeader("Set-Cookie", "JSESSIONID=" + session.getId() + ";Secure;HttpOnly");//设置Secure;HttpOnly
        chain.doFilter(request, response);
    }

    public void init(FilterConfig arg0) throws ServletException {
    }
}
